CVE-2019-11815 (retired)

An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linuxkernel before 5.0.8. There is a race condition leading to a use-after-free,related to net namespace cleanup.

Ubuntu-Description

It was discovered that a race condition leading to a use-after-free existedin the Reliable Datagram Sockets (RDS) protocol implementation in the Linuxkernel. The RDS protocol is blacklisted by default in Ubuntu. If enabled, alocal attacker could use this to cause a denial of service (system crash)or possibly execute arbitrary code.

sarnold> I haven't yet seen evidence to support allegations that this is remotely exploitable. Blacklisting rds.ko module is probably sufficient to prevent the vulnerable code from loading. The default configuration of the kmod package has included RDS in /etc/modprobe.d/blacklist-rare-network.conf since 14.04 LTS. I'm dropping priority as a result.